Companies have a duty to ensure the security of their systems. At the same time, companies have to respect the data protection rules and regulations, and privacy of personal data. For example, companies may store and manipulate private personal data for different business purposes. As a direct consequence of the security requirements, companies are more and more investing in Security Information Event Management (SIEM) systems. Data collected by companies usually includes sensitive or personal identifiable information. SIEM systems face data protection challenges. Data anonymization (also known as de-identification) may be used with respect to protecting private data. The process of data anonymization includes removing or altering data in an effort to make it impossible to determine the privacy information included in the data.